Cyber Threat Report: Cyber Security News for 5/27/21

Here's what you need to know. The past week has shown how fast attack capabilities can evolve. To follow are key timely events impacting Cyber Security that we here at JANUS Associates believe worthy of your note. For your convenience, we've compiled all articles here where they will also be archived for future reference.

Patch Immediately: Vmware Warns of Critical Remote Code Execution Hole In Vcenter
The US audio tech giant told the New Hampshire Office of the Attorney General that it first detected the ransomware back on March 7 2021. However, nearly two months later, on April 29, it found that human resources files were accessed. Read Article 

Bose Reveals Ransomware Attack Impacting Staff
The US audio tech giant told the New Hampshire Office of the Attorney General that it first detected the ransomware back on March 7 2021. However, nearly two months later, on April 29, it found that human resources files were accessed. Read Article

Three-Quarters of CISOs Predict Another SolarWinds-Style Attack
Some 84% of global organizations have suffered a serious security incident over the past two years and a majority are expecting another SolarWinds-style supply chain attack, according to a new Splunk report. Read Article

Cyber-Insurance Premiums Surged by Up to 30% in 2020
According to a recent survey of insurance brokers, prices had risen 10-30% in late 2020. It also singled out healthcare and education as two sectors where insurers are now offering lower coverage limits. Read Article

FBI Employee Indicted Over Illegal Document Removal
Alan Kohler, Jr., assistant director of the FBI’s Counterintelligence Division, said: “The breadth and depth of classified national security information retained by the defendant for more than a decade is simply astonishing." Read Article

Apple Fixes macOS Zero Day Vulnerability, Abused by XCSSET macOS Malware
Apple has released security updates for a variety of its products, including a patch for three macOS and tvOS zero-day vulnerabilities. The patch comprises a zero-day vulnerability fix that has been exploited in the wild for nearly a year by the XCSSET malware gang. Read Article

Google Play Store to Add Privacy Labels to Android Apps by 2022
The privacy labels are meant to give end users a quick reference to the range of data that Android apps are asking for. Read Article

Rom con: How Romance Fraud Targets Older People and How To Avoid It
Online dating scams often follow the same script – here’s what senior citizens should watch out for and how their younger relatives can help them avoid falling victim. Read Article

Local Governments Purchase Chinese Surveillance Technology, Raising Privacy Concerns
At least 100 U.S. counties, towns and cities have bought China-made surveillance systems that the U.S. government has linked to human rights abuses. Read Article